Skip to content
Snippets Groups Projects
Select Git revision
  • android-7.1.2_r28_klist
  • master default protected
  • pie-cts-release
  • pie-vts-release
  • pie-cts-dev
  • oreo-mr1-iot-release
  • sdk-release
  • oreo-m6-s4-release
  • oreo-m4-s12-release
  • pie-release
  • pie-r2-release
  • pie-r2-s1-release
  • oreo-vts-release
  • oreo-cts-release
  • oreo-dev
  • oreo-mr1-dev
  • pie-gsi
  • pie-platform-release
  • pie-dev
  • oreo-cts-dev
  • android-o-mr1-iot-release-1.0.4
  • android-9.0.0_r8
  • android-9.0.0_r7
  • android-9.0.0_r6
  • android-9.0.0_r5
  • android-8.1.0_r46
  • android-8.1.0_r45
  • android-n-iot-release-smart-display-r2
  • android-vts-8.1_r5
  • android-cts-8.1_r8
  • android-cts-8.0_r12
  • android-cts-7.1_r20
  • android-cts-7.0_r24
  • android-o-mr1-iot-release-1.0.3
  • android-cts-9.0_r1
  • android-8.1.0_r43
  • android-8.1.0_r42
  • android-n-iot-release-smart-display
  • android-p-preview-5
  • android-9.0.0_r3
40 results
Search by author
  • Any Author
  • Werner Sembach Matombo
  • dex dex dex
2 authors
  1. Apr 11, 2017
    • Jaesoo Lee's avatar
      allow to load kernel modules from vendor partition · a6ac1147
      Jaesoo Lee authored 
      The kernel  modules under /vendor partition has been relabeled to vendor_file.
This CL allows for the modprobe to load modules labeled vendor_file.

Kernel modules are loaded in init.rc with following commands:
    exec u:r:modprobe:s0 -- /system/bin/modprobe -d /vendor/lib/modules MODULE

Bug: 35653245
Test: tested on sailfish
Change-Id: I2132ca4de01c5c60476dad8496e98266de5a1bb7
      a6ac1147
  3. Apr 10, 2017
    • Howard Chen's avatar
      SELinux changes for Treble Loadable Kernel Module · f6931130
      Howard Chen authored 
      This change extends the recovery mode modprobe sepolicy
to support loadable kernel module in normal mode by using
statement below in init.rc:

exec u:r:modprobe:s0 -- /system/bin/modprobe \
    -d /vendor/lib/modules mod

Bug: b/35653245
Test: sailfish  with local built kernel and LKM enabled
Change-Id: I827e2ce387c899db3e0e179da92e79c75d61f5ae
(cherry picked from commit b638d949)
      f6931130
  5. Apr 08, 2017
  7. Apr 07, 2017
    • TreeHugger Robot's avatar
      Merge "sepolicy_version: change current version to NN.m format" into oc-dev · 86123070
      TreeHugger Robot authored
      86123070
    • Sandeep Patil's avatar
      Merge "sepolicy: allow access to vndk-stable libs" into oc-dev · 72126e1b
      Sandeep Patil authored
      72126e1b
    • Sandeep Patil's avatar
      sepolicy_version: change current version to NN.m format · 42f95984
      Sandeep Patil authored 
      
The sepolicy version takes SDK_INT.<minor> format. Make sure our
'current' policy version reflects the format and make it '100000.0'.
This ensures any vendor.img compiled with this will never work with
a production framework image either.

Make version_policy replace the '.' in version by '_' so secilc is
happy too.

This unblocks libvintf from giving out a runtme API to check vendor's
sepolicy version. The PLAT_PUBLIC_SEPOLICY_CURRENT_VERSION will
eventually be picked up from the build system.

Bug: 35217573
Test: Build and boot sailfish.
      Boot sailfish with sepolicy compilation on device.
Signed-off-by: default avatarSandeep Patil <sspatil@google.com>

Change-Id: Ic8b6687c4e71227bf9090018999149cd9e11d63b
      42f95984
    • Alex Klyubin's avatar
      Merge "Preserve treble-only flag for CTS neverallows" into oc-dev · df720941
      Alex Klyubin authored
      df720941
    • Alex Klyubin's avatar
      Preserve treble-only flag for CTS neverallows · 446279a6
      Alex Klyubin authored 
      CTS includes general_sepolicy.conf built from this project. CTS then
tests this file's neverallow rules against the policy of the device
under test. Prior to this commit, neverallow rules which must be
enforced only for Treble devices we not included into
general_sepolicy.conf. As a result, these rules were not enforced for
Treble devices.

This commit fixes the issue as follows. Because CTS includes only one
policy, the policy now contains also the rules which are only for
Treble devices. To enable CTS to distinguish rules needed for all
devices from rules needed only on Treble devices, the latter rules are
contained in sections delimited with BEGIN_TREBLE_ONLY and
END_TREBLE_ONLY comments.

This commit also removes the unnecessary sepolicy.general target. This
target is not used anywhere and is causing trouble because it is
verifying neverallows of the policy meant to be used by CTS. This
policy can no longer be verified with checkpolicy without
conditionally including or excluding Treble-only neverallows.

Test: mmm system/sepolicy
Test: Device boots -- no new denials
Bug: 37082262
Change-Id: I15172a7efd9374543ba521e17aead1bdda7451bf
      446279a6
    • TreeHugger Robot's avatar
      Merge "allow access to vendor_framework_file to dex2oat and appdomain" into oc-dev · b9bd6708
      TreeHugger Robot authored
      b9bd6708
    • Martijn Coenen's avatar
      Fix checkfc options order. · ee97662f
      Martijn Coenen authored 
      darwin's getopt() doesn't like putting arguments
in the wrong order.

Test: Mac/Linux builds
Change-Id: If632e9077c1b5714f91c5adaa04afb4963d9b0f5
      ee97662f
    • Jaesoo Lee's avatar
      allow access to vendor_framework_file to dex2oat and appdomain · 5377be65
      Jaesoo Lee authored 
      We should give appdomain the access to the /vendor/framework directory
since the jar in the directory is not dexopt-ed.AFAIK, jars which are
not in the bootclasspath are not dexopt-ed by default.

Bug: b/37129319
Test: built and confirmed that embms.apk not crashed

Change-Id: Ic2b1eef472f2fba53e26403dde8ad9ede8105a03
      5377be65
    • TreeHugger Robot's avatar
      Merge changes from topic 'vnd-sepol' into oc-dev · f497d0b7
      TreeHugger Robot authored 
      * changes:
  Allow 'su' domain access to vndbinder.
  Modify checkfc to check (vnd|hw)service_manager_type.
      f497d0b7
    • Jiyong Park's avatar
      sepolicy: allow access to vndk-stable libs · a4768fa8
      Jiyong Park authored 
      Vndk-stable libs are system libs that are used by same process HALs.
Since same process HALs can be loaded to any process, so are vndk-stable
libs.

Bug: 37138502
Test: none, because the directory is currently empty and thus this is
no-op. sailfish builds and boots.

Change-Id: I67a2c8c2e4c3517aa30b4a97dc80dc2800e47b5a
      a4768fa8
    • Martijn Coenen's avatar
      Allow 'su' domain access to vndbinder. · cf741dd7
      Martijn Coenen authored 
      For example, for listing vndbinder services
using 'adb shell service -v list'

Test: adb shell service -v list
Bug: 36987120
Change-Id: Ibf3050710720ae4c920bc4807c9a90ba43717f3b
      cf741dd7
    • Martijn Coenen's avatar
      Modify checkfc to check (vnd|hw)service_manager_type. · d48d54a3
      Martijn Coenen authored 
      added checkfc options 'l' and 'v' to verify hwservice_manager_type
and vndservice_manager_type on service context files, respectively.

The checkfc call to verify the new hwservice_contexts files will
be added together with hwservicemanager ACL CLs later.

Bug: 34454312
Bug: 36052864
Test: device boots, works
Change-Id: Ie3b56da30be47c95a6b05d1bc5e5805acb809783
      d48d54a3
  9. Apr 06, 2017
  11. Apr 05, 2017
    • Sandeep Patil's avatar
      sepolicy: relabel /vendor · 277a20eb
      Sandeep Patil authored 
      
The CL splits /vendor labeling from /system. Which was allowing all
processes read, execute access to /vendor.

Following directories will remain world readable
 /vendor/etc
 /vendor/lib(64)/hw/

Following are currently world readable but their scope
will be minimized to platform processes that require access
 /vendor/app
 /vendor/framework/
 /vendor/overlay

Files labelled with 'same_process_hal_file' are allowed to be
read + executed from by the world. This is for Same process HALs and
their dependencies.

Bug: 36527360
Bug: 36832490
Bug: 36681210
Bug: 36680116
Bug: 36690845
Bug: 36697328
Bug: 36696623
Bug: 36806861
Bug: 36656392
Bug: 36696623
Bug: 36792803

All of the tests were done on sailfish, angler, bullhead, dragon
Test: Boot and connect to wifi
Test: Run chrome and load websites, play video in youtube, load maps w/
      current location, take pictures and record video in camera,
      playback recorded video.
Test: Connect to BT headset and ensure BT audio playback works.
Test: OTA sideload using recovery
Test: CTS SELinuxHostTest pass

Change-Id: I278435b72f7551a28f3c229f720ca608b77a7029
Signed-off-by: default avatarSandeep Patil <sspatil@google.com>
      277a20eb
    • Andreas Gampe's avatar
      Sepolicy: Add ASAN-Extract · 82071b68
      Andreas Gampe authored 
      Add selinux policies for init script and shell script to unzip a tar
containing ASAN libraries on boot.

Bug: 36458146
Test: m && m SANITIZE_TARGET=address
Test: manual (build steps for tar missing)
Change-Id: I5c3cb233aae93ee9985431090af902b0e3c1b0a7
(cherry picked from commit 0b743050)
Merged-In: I5c3cb233aae93ee9985431090af902b0e3c1b0a7
      82071b68
    • TreeHugger Robot's avatar
      Merge "Remove unnecessary adbd permissions." into oc-dev · 6821bb40
      TreeHugger Robot authored
      6821bb40
    • Steven Moreland's avatar
      Remove unnecessary adbd permissions. · 97848f05
      Steven Moreland authored 
      Test: adbd_test (with and without adb root)
  Note: one test fails without root with and without this change
        because of an unrelated shell selinux denial.
Test: adb screencap, pull, and verify
Test: Android Studio screenshot
Bug: 36643190
Change-Id: Ib534240bc9bb3a1f32b8865ca66db988902a0f4a
      97848f05